Security Affairs
CISA Adds Palo Alto Networks Expedition Bugs to its Known Exploited Vulnerabilities Catalog
The two actively exploited vulnerabilities, including OS command injection (CVE-2024-9463) and SQL injection (CVE-2024-9465), can be chained together to compromise PAN-OS firewalls.
Zoom Addressed Two High-Severity Issues in Its Platform
Zoom fixed six vulnerabilities in its video conferencing platform, including two high-severity issues that could be exploited by remote attackers to escalate privileges or leak sensitive information.
Nigerian Man Sentenced to Over 26 Years in Real Estate Phishing Scams
Nigerian Kolade Ojelade, a resident of the UK, has been sentenced to 26 years in a US prison for conducting phishing scams. He used a "man-in-the-middle" email phishing and spoofing attack to compromise the email accounts of real estate businesses.
Critical Bug in Cisco UWRB Access Points Allows Attackers to Run Commands as Root
The vulnerability (CVE-2024-20418) lets remote, unauthenticated attackers execute commands with root privileges on vulnerable Ultra-Reliable Wireless Backhaul (URWB) access points.
International Law Enforcement Operation Shut Down DDoS-for-Hire Platform Dstat.cc
The two suspects, aged 19 and 28, from Darmstadt and Rhein-Lahn, were arrested for allegedly managing criminal infrastructure for DDoS attacks and drug trafficking purposes.
Cisco Fixed Tens of Vulnerabilities, Including an Actively Exploited One
Cisco has patched vulnerabilities in Adaptive Security Appliance (ASA), Secure Firewall Management Center (FMC), and Firepower Threat Defense (FTD) products, including one actively exploited in a large-scale brute-force attack campaign.
Samsung Zero-Day Flaw Actively Exploited in the Wild
Google's Threat Analysis Group identified a Samsung zero-day vulnerability, tracked as CVE-2024-44068, being actively exploited. It is a use-after-free issue that allows attackers to escalate privileges on vulnerable Android devices.
Unknown Threat Actors Exploit Roundcube Webmail Flaw in Phishing Campaign
Hackers used a patched Roundcube vulnerability in a phishing attack to steal user credentials. Positive Technologies found an email sent to a government organization in June 2024, containing an empty message with an attached document.
Brazil's Polícia Federal Arrested the Notorious Hacker USDoD
Brazil's Polícia Federal has arrested hacker USDoD, known for breaches of National Public Data and InfraGard portals. CrowdStrike identified USDoD as Luan BG, a 33-year-old Brazilian man from Minas Gerais.
Brazil's Polícia Federal Arrested the Notorious Hacker USDoD
Brazil's Polícia Federal has arrested hacker USDoD, known for breaches of National Public Data and InfraGard portals. CrowdStrike identified USDoD as Luan BG, a 33-year-old Brazilian man from Minas Gerais.
Defend Against Threats with Cyber Fusion
Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.
Learn More
Trending Tags
